29 March 2007

Smoothwall tunneling (the great escape)

One of the nice features I've discovered in Smoothwall is that you can use PuTTY to tunnel data from a local port to the other side of the firewall. A practical application of this is tunneling the Smoothwall configuration website, which means you can change settings from a remote location.

Info on how to do this can be found here: http://martybugs.net/smoothwall/puttyvnc.cgi

By setting the tunnel to send local port 80 to your remote smoothie's port 441, you can put the address https://localhost:80 into your browser. As long as you've logged in via PuTTY, it will tunnel local port 80 through to port 441 on the Smoothwall box (on the inside, so port 441 doesn't need enabling anywhere in the configuration).
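The same tunnel written as an OpenSSH command line rather than PuTTY settings, as an added example that is not from the original post. The host name, the root login and the helper function names are assumptions; ports 222, 80 and 441 are the ones this post uses.

```shell
#!/bin/sh
# Added example: print the OpenSSH equivalent of the PuTTY tunnel described above.
# root@smoothwall.example.org is a placeholder target, not a value from the post.

# Accept only decimal port numbers in the range 1-65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# smoothie_tunnel USER@HOST SSH_PORT LOCAL_PORT REMOTE_PORT
# Prints the ssh command line; it does not open the connection itself.
smoothie_tunnel() {
    target=$1 ssh_port=$2 local_port=$3 remote_port=$4
    for p in "$ssh_port" "$local_port" "$remote_port"; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    # -N: forward only, no remote shell.
    # ExitOnForwardFailure: fail instead of logging in without the tunnel.
    # 127.0.0.1 as bind address: the listener is reachable from this machine
    #   only, so other hosts on the client's LAN cannot reach the admin page.
    # "localhost" is resolved on the Smoothwall side, so port 441 is reached
    #   from the inside and needs no rule on the external interface.
    printf 'ssh -N -p %s -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:localhost:%s %s\n' \
        "$ssh_port" "$local_port" "$remote_port" "$target"
}

# The tunnel from this post: SSH on 222, local 80 -> Smoothwall 441.
# On a Unix-like client, binding a local port below 1024 needs root, so a
# high local port (e.g. 8441, then https://localhost:8441) is the usual choice.
smoothie_tunnel root@smoothwall.example.org 222 80 441
```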

The linked site above shows how this can be used with VNC to remote control machines on the other side of the firewall. You can also use remote desktop by changing port numbers. There are other things you can do as well.

For instance, Marty goes on to explain how to pass remote VPN connections through the Smoothwall box to a server (XP Pro) on the inside of your network here: http://martybugs.net/smoothwall/vpn.cgi

Combine this with Bob Cerelli's guide to setting up the VPN server on XP Pro (from http://www.onecomputerguy.com/networking/xp_vpn_server.htm ) and you have a quick and easy way to set up an encrypted private link to your home network. The only catch is that you need both your Smoothwall box and your VPN server to be switched on, which is apparently not good for the environment this week. So the question is: can we use the VPN section inside Smoothwall to do the same thing? Well, I'll let you know when I've figured it out.

Another thing you might want to know is why Smoothwall is using port 222 instead of 22 for SSH. Well, if you want to change it, edit the /usr/local/etc/sshd_config file.